Closed djkutiger closed 7 years ago
Have you got an example of a real & non-working domain?
This doesn't seem to be an issue with kube-lego, but rather either you DNS configuration or the 'ping' command in alpine linux itself (which is highly unlikely too!!).
I've just had success with the following:
➜ ~ kc exec -it kube-lego-3059478269-plcrc -n kube-lego -- ping a.b.xip.org
PING a.b.xip.org (185.53.178.9): 56 data bytes
ping: permission denied (are you root?)
(whilst the ping itself isn't possible due to policies on the kube-lego container, it is able to resolve the domain).
Could you provide some more information about a) which domain you're resolving, b) your DNS configuration, c) error messages that you are seeing from kube-lego (preferably with an actual domain that I can attempt to ping myself!)
Also, when did you point the record for a.b.example.com
at your ingress controller? Could it be that the record is still propagating and/or kube-lego has cached a stale DNS record prior to the new record propagating?
Sorry for bothering. Now everything works as expected.
As a consequence kube-lego is not able to access http://a.b.example.com/.well-known/acme-challenge/_selftest